Has the total number of alert and intrusion attempts logged by your Zone Alarm firewall got you depressed? Would you like to reset those counts periodically, to give yourself a fresh start, or so you can more easily see just how many you're logging in a week or a month? Well, you can do this without having to reinstall Zone Alarm.

The total number of intrusions and the count of those that were considered "high-rated", as seen in the attached ZA screen shot, can be easily modified.

http://www.wilderssecurity.com/attachments/zapintrusionsummarynov03.gif

I've started resetting the total intrusion counters in ZA at the start of each month, in an attempt to see the change in the overall trends . It's amazing how since the start of the Opaserv/Bugbear NetBIOS scans that I now get more scans each month then I got the entire year before.

To reset these counters, you need to use Regedit. The usual warnings about editing the registry apply (make a backup, use caution, etc.) If you are uncomfortable using regedit, then you shouldn't use it or attempt to try this tweak.

To reset the counts manually go into Regedit and locate the key:

[HKEY_LOCAL_MACHINE\SOFTWARE\Zone Labs\ZoneAlarm]

Notice the two values BlockCount and HackCount. These are where ZA stores the running counts for intrusions since installation (or your last reset). You can change these values as you like.

You can also make a regedit file that you could use to assist in this task. Create a file in Notepad named something like ZA-Count-Reset.reg, and paste these lines into it...

-{ Quote: "REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Zone Labs\ZoneAlarm]
"BlockCount"=dword:00000000
"HackCount"=dword:00000000" }-

Merge this file into the registry anytime you want to reset the counts to zero. Note that ZA must be restarted for these new numbers to take effect. The way I do this is I first shutdown ZA, run this file to reset the counters, and then restart ZA. (If you are going to shutdown your firewall, then be sure to be disconnected from the net when you do so.)

Enjoy,
LowWaterMark

- Changed version on regedit header for better platform compatibility - 09/02/03

Nice touch LWM !! :)
I shall be doing the same.

Thanks and regards,
bill ;)

Thank you so much for that.
I've wanted to reset my counters for ages, but didn't know how.
Recently I have been getting up to 450 blocked access attempts a day and the counters have been racking up so quickly! :) :)

Now if you could just tell me how to set that clock back in my Range Rover for Daylight Savings Time the whole world will be in harmony. :o I disabled the UnPnP last winter and that did not help.

-{ Quote: "Now if you could just tell me how to set that clock back in my Range Rover for Daylight Savings Time the whole world will be in harmony." }-

Now that is way too much effort. Easier to just wait until next April, and like magic, it'll be right again. ;)

Thanks lowwatermark. Maybe if we keep our fingers crossed ZL will pick up on this and put a clear counter in their next update. lol

Thanks LowWaterMark,

As it happens I only upgraded to the new version this week and I absolutely love it... wish I'd done it ages ago now.

But the funny thing is... it was this very point about the count always being displayed from the install that was the only thing I didn't like... you have sorted it... cheers.

-{ Quote: " quoting: notageek link=board=23;threadid=4633;start=0#30544 date=1036455417]
Maybe if we keep our fingers crossed ZL will pick up on this and put a clear counter in their next update. lol
" }-

Your comment has been suggested and forwarded on to Zonelabss Technicial Staff ;)

Thanks for that tip.
That's a useful reg file.

Hi
My first post.

Thanks and Thanks again, LowWaterMark. I have always liked to have done this there bang done your Cool, Thanks again. I can not post as
much as I like would as I am disable typing is so slow for me I wished
I find a program, to help with it. Anyway Thanks again

CooLTempo

Hi CooLTempo

...and welcome to Wilders :)

Regards,

CrazyM

Hi CooLTempo,

You're very welcome. :)

I'm glad you found this useful. And I hope you enjoy your time here.

Best Wishes,
LowWaterMark

Hi again LowWaterMark

How do I make the notepad txt.file in to a reg.file so I can get it to

merge in the reg, To save having to go to regedit each time to do the

reset.

Thanks Again

CooLTempo 8)

In Notepad when you use the Save or Save As... options, you can over ride the default file name that will be used. Normally, a file saved via Notepad will be named like this: somefilename.txt But, if you choose a name like: ZA-count-reset.reg it'll be saved as a registry file which you can simply doubl-click on anytime you want to clear those settings.

-{ Quote: " quoting: LowWaterMark link=board=23;threadid=4633;start=0#msg30394 date=1036372636]To reset these counters, you need to use..." }-i just found this thread and cleared the intrusion attempt counts on my machines today. thank you very much, LWM, for posting this great info. it really should (and i suspect it shall soon) become a standard feature in a future upgrade.

now to try the reg file....

best regards

:)

mark

This is great information, however, I did have problems running the reg. file until I discovered that I could not use Windows Registry Editor Version 5.00 which is for versions other than Windows 98 or NT 4.0. I instead had to use REGEDIT4 for my Windows 98SE version.

Thank you for this little file, LWM.

-{ Quote: " quoting: Stoofer link=board=23;threadid=4633;start=15#msg84791 date=1062549314]... I did have problems running the reg. file until I discovered that I could not use Windows Registry Editor Version 5.00 which is for versions other than Windows 98 or NT 4.0. I instead had to use REGEDIT4 for my Windows 98SE version." }-

Hi Stoofer,

That's a very good point. In fact, I've been using REGEDIT4 almost exclusively in all my recommended reg files for a while now, but, this thread is coming up on a year old now and I hadn't gone back and fixed that - until now! Thanks for mentioning it. http://www.wilderssecurity.com/images/icons/icon14.gif

Best Wishes,
LowWaterMark

-{ Quote: "I can not post as
much as I like would as I am disable typing is so slow for me I wished
I find a program, to help with it. Anyway Thanks again

CooLTempo " }-

Hope your wish has already come true CoolTempo saw these (as you do) after reading this thread one of them had a good user rating thats as much as I know and most important to me supposedly freeware.

Click-N-Type 2.02 (popular pick) http://download.com.com/3000-2094-6343862.html?tag=lst-0-20

Point-N-Click 2.0 http://download.com.com/3000-2094-7220357.html?tag=lst-0-16

Sorry I'm a bit off the thread admin

Hello, I was reading through "help" and it seems handy enough to clear. Open up ZA, left hand side>>"Overview". Header>>"Status" and at bottom of page you will see "Reset to Default".
My version is 3.7.211.

Hi mOp,

Actually, that option simply resets the current session stats (i.e. the Inbound Protection and Email Protection counts), not the totals blocked intrusions at the top of that screen. This is the popup you get when using the option you mention:

OK LowWaterMark, got it wrong again :-[
That is the same popup as I get.

Actually, I probably should have documented that in the first post here. I was more concerned about clearing the grand totals. I never thought about the session stats. A lot of people may not have realized those could be cleared by using that option.

Hi,when you find the BLOCKCOUNT & HACKCOUNT numbers in regedit----how do you change the numbers? Please be specific.
THANK YOU

-{ Quote: "Has the total number of alert and intrusion attempts logged by your Zone Alarm firewall got you depressed? Would you like to reset those counts periodically, to give yourself a fresh start, or so you can more easily see just how many you're logging in a week or a month? Well, you can do this without having to reinstall Zone Alarm.

The total number of intrusions and the count of those that were considered "high-rated", as seen in the attached ZA screen shot, can be easily modified.

http://www.wilderssecurity.com/attachments/zapintrusionsummarynov03.gif

I've started resetting the total intrusion counters in ZA at the start of each month, in an attempt to see the change in the overall trends . It's amazing how since the start of the Opaserv/Bugbear NetBIOS scans that I now get more scans each month then I got the entire year before.

To reset these counters, you need to use Regedit. The usual warnings about editing the registry apply (make a backup, use caution, etc.) If you are uncomfortable using regedit, then you shouldn't use it or attempt to try this tweak.

To reset the counts manually go into Regedit and locate the key:

[HKEY_LOCAL_MACHINE\SOFTWARE\Zone Labs\ZoneAlarm]

Notice the two values BlockCount and HackCount. These are where ZA stores the running counts for intrusions since installation (or your last reset). You can change these values as you like.

You can also make a regedit file that you could use to assist in this task. Create a file in Notepad named something like ZA-Count-Reset.reg, and paste these lines into it...



Merge this file into the registry anytime you want to reset the counts to zero. Note that ZA must be restarted for these new numbers to take effect. The way I do this is I first shutdown ZA, run this file to reset the counters, and then restart ZA. (If you are going to shutdown your firewall, then be sure to be disconnected from the net when you do so.)

Enjoy,
LowWaterMark

- Changed version on regedit header for better platform compatibility - 09/02/03" }-


How do you actually reset the numbers to zero once you have found them in regedit? Please be specific.THANK YOU

Hi, pompste

-{ Quote: "You can also make a regedit file that you could use to assist in this task. Create a file in Notepad named something like ZA-Count-Reset.reg, and paste these lines into it...

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Zone Labs\ZoneAlarm]
"BlockCount"=dword:00000000
"HackCount"=dword:00000000" }-

-{ Quote: "How do I make the notepad txt.file in to a reg.file so I can get it to

merge in the reg, To save having to go to regedit each time to do the reset." }-

-{ Quote: "In Notepad when you use the Save or Save As... options, you can over ride the default file name that will be used. Normally, a file saved via Notepad will be named like this: somefilename.txt But, if you choose a name like: ZA-count-reset.reg it'll be saved as a registry file which you can simply doubl-click on anytime you want to clear those settings." }-

If you make a folder somewere [My Documents] and put the reg.file in it you can reset any time, it is better then having to open regedit and find and reset the key.

Hope this is of some help.

Take Care,
TheQuest 8